October 21st, 2006 06:05 PM
Hard disk data security
Should users use encryption software on the hard disk before storing data on it? Rather than using secure-wipe to remove the data if you want to sell the hard disk.
Other than TrueCrypt is there any other disk encryption software?
October 22nd, 2006 02:48 PM
First question to ask:
What are the requirements?
Second question to ask:
Is the data classified as sensitive enough for encryption?
You get the idea. Don't add technology unless you're solving a problem.
Guardian makes disk encryption software for the enterprise.
Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden
October 22nd, 2006 03:09 PM
A lot also depends upon what you are attempting to achieve with encryption. If, as you post suggests, you are looking at encryption to prevent data retrieval after the hard drive has left your possession, that is something I wouldn't suggest. Physical access to the disk, especially if the attacker is the new owner of the disk, will ultimately defeat most encryption - it is really just a matter of how determined the attacker is. If this is the case you are asking, then no. I wouldn't use encryption rather than secure-wipe to protect data.
Originally Posted by Death_Knight
October 22nd, 2006 05:37 PM
I have read articles over the net, people buy used hard disk and they could manage to recover internet banking files and other personal information. This shows that they probably did not do a "wipe" before selling their hard disk.
Originally Posted by thehorse13
Once again, all these problems might not exist in the first place if they use disk encryption software. What I am thinking right now, is there a need for home users to encrypt their disk?
October 22nd, 2006 06:00 PM
Most people keep their drive until dead, or physically destroy it in a "secure" environment.
Hey, just how much is a second hand drive worth?
The problem is with a complete system.....you just wipe the drive
If you cannot do someone any good: don't do them any harm....
As long as you did this to one of these, the least of my little ones............you did it unto Me.
What profiteth a man if he gains the entire World at the expense of his immortal soul?
October 23rd, 2006 05:34 AM
Most of these problems would not exist if people just used their heads!
Once again, all these problems might not exist in the first place if they use disk encryption software.
The average home user, probably not. If they do work at home and handle “sensitive” information, maybe, but they should already have a routine of properly wiping the data from the computer after each use, and storing any backups securely.
What I am thinking right now, is there a need for home users to encrypt their disk?
( This should be spelled out by whomever they received the information from in AUPs, etc. )
I just get the feeling that:
1) the average home user would eventually set the system up so that every time they turned on the computer the disk would be decrypted automatically, defeating the purpose of encryption in the first place ( people are generally lazy, and want to make things as simple as possible. )
2) the average home user would never properly wipe a drive because they would rely on the encryption, which they effectively defeated ( see #1 )
" And maddest of all, to see life as it is and not as it should be" --Miguel Cervantes
October 23rd, 2006 08:42 AM
I found something interesting that some of data recovery software can recover data after formatting hard disk 6 times. So I have decided to try on my hard disk but it works only 2 times on my hard disk, after formatting 3 times I am not able to get my data back. By the way I was using easy recovery. Is there any more powerful software than this?
Is it secure to just wipe the data using some tools? I mean what is more secure (physically destroy or wipe data using some tools) normal home users can not afford to physically destroy hard drive every time. There are some forensic tools like Encase which can recover everything and can find out personal information on hard disk. Most of times my clients ask me for best way to distort their account database from hard drive, I suggested them some tools for permanent data removing. I am not sure but some of data Recovery Company says that they can recover data even if we have deleted using some removal tools.
one of the great day in my life when i found antionline.com
October 24th, 2006 12:46 AM
Maybe this is irrelevant...
As I understand it, the purpose of encrypting data on the HDD is to protect them from others' access. If you alone access the data, and you are quite sure that your firewall and realtime virus and spy/malware are sufficiently robust, the data can stay there unencrypted and only you alone has access to it.
For my part, I see no use of data encryption except when I need to send classified information and communication through email (which is something I never did as I'd rather entrust such matters to a warm body courier).
Should the HDD crash, I'll make sure it stays that way... no one else will be able to access the data thereat as all parts will literally go through the sledgehammer then sent to rust... they'd never reach any dumping area.
Si vis pacem, para bellum!
November 16th, 2006 07:41 AM
Well .... show me the person who can decrypt pgp encrypted files without the password (I know the free version 8 had a security issue, but I'm talking about pgp 9). Secure wipe probably is the most practical way to render your data irretrievable if you're actually disposing of a hard drive, but strong encryption would work.
Originally Posted by TechGrunt
I have certain files encrypted on my hard drive because you just never know what might happen, and if there's data you really can't allow people to read then it's a sensible precaution.
November 16th, 2006 05:28 PM
If you are really serious about protecting/encrypting data then you need to pony up and move to a biometric solution. Privaris and Cryptometrics teamed up a few years ago to facilitate biometric authentication and encryption into one device. The nice thing about this combination is that they have the ability to separate the key pairs, where one part is on the FIPS certified fob and the other is on the HDD. Thus you avoid the problem with your standard encryption of having both key pairs on the HDD or Chip within the CPU. Give me access to both key pairs and the encryption can be brute forced.
Granted it is pricey, but you won't have to worry about your Sales Representatives or Account Managers taping their login information onto thier laptop because they can't remember the username and password associated with the encryption product. AAAARRRRGGGHHHH!!!!
The mentally handicaped are persecuted in this great country, and I say rightfully so! These people are NUTS!!!!